Platform Integrity Verification System and Information Processing Device

1. A platform integrity verification system having an information processing device and an integrity verification computer that are is communicably connected to each other, wherein said information processing device comprises: an acquisition unit configured to perform acquisition processing including acquiring a plurality of unique values from a plurality of programs executed by said information processing device when said information processing device is shut down, each respective unique value of the plurality of unique values acquired from a respective program of the plurality of programs, wherein said information processing device is configured, after said acquisition unit finishes the acquisition processing, to report to said integrity verification computer that said information processing device is shut down; and a storage unit configured to store the plurality of unique values acquired by said acquisition unit in a storage device, and said integrity verification computer comprises a comparison unit configured to retrieve each respective unique value of the plurality of unique values stored in the storage device through communication with said information processing device and to compare the respective unique value with a respective predetermined value held in advance for the respective program from which the respective unique value was acquired by the acquisition unit.

2. The platform integrity verification system according to claim 1 , wherein said comparison unit is configured to enable said integrity verification computer to acquire a measurement value recorded in the storage device via a communication path, of which security is ensured.

3. The platform integrity verification system according to claim 1 , wherein said information processing device includes an acquisition target list, having recorded in advance, at least one program of an acquisition target for said acquisition unit, and said acquisition unit is configured to acquire a unique value for the one program recorded in the acquisition target list.

4. The platform integrity verification system according to claim 1 , wherein said integrity verification computer comprises a report unit configured to report a comparison result of said comparison unit to a predetermined computer.

5. The platform integrity verification system according to claim 1 , wherein said integrity verification computer is adapted to access the plurality of unique values stored in the storage device after having received a shutdown report from said information processing device, even in a state where said information processing device is shut down.

6. The platform integrity verification system according to claim 5 , wherein if a value retrieved from the storage device and a value held in advance in said integrity verification computer are not matched as a result of the comparison in said comparison unit, said integrity verification computer is configured to write mismatch information showing the mismatch information in said storage device, and when the storage device stores the mismatch information, said information processing device is configured to not start up said information processing device.

7. The platform integrity verification system according to claim 1 , wherein said acquisition unit is configured to record a program, of which a respective unique value of the plurality of unique values is acquired, in a post-acquisition list, and to acquire, with reference to said post-acquisition list, a respective unique value of the plurality of unique values from a program, of which a unique value was not acquired.

8. The platform integrity verification system according to claim 1 , wherein said acquisition unit is configured to acquire a hash value of a program of the plurality of programs.

9. An information processing device that executes a plurality of programs, comprising: an acquisition unit configured to perform acquisition processing including acquiring a plurality of unique values from said plurality of programs when said information processing device is shut down, each respective unique value of the plurality of unique values acquired from a respective program of the plurality of programs, wherein, after said acquisition unit finishes the acquisition processing, said information processing device is configured to report to an integrity verification computer that said information processing device is shut down; a storage unit configured to store the plurality of unique values acquired by said acquisition unit in a storage device; a determination unit configured to determine whether or not each respective unique value of the plurality of unique values stored in said storage device is correct, when said information processing device is started up; and a control unit configured to control said information processing device not to be started up if said determination unit determines that at least one unique value of the plurality of unique values is not correct.